Revolutionizing networking and security: Aviatrix introduces Distributed Cloud Firewall for Kubernetes
Even though Kubernetes streamlines the governance of applications through container management, operational challenges arise if the workloads are not compatible. Aviatrix Systems Inc. is taming this pain point through a network security solution.
The containerization journey has not been smooth sailing, since only 10% of enterprise apps have migrated to containers, and Aviatrix intends to change this narrative through the Distributed Cloud Firewall for Kubernetes, according to Mitch Connors (pictured), senior principal software engineer at Aviatrix.
“KubeCon’s been going now for 8 to 10 years, and we’re still day zero,” he said. “We’re only at 10% completion of what we’ve set out to do, and what that means is that a Kubernetes-only solution for networking solves 10% of your problem as a large enterprise. So, my move to Aviatrix was very strategic. I wanted to work on the 90% problem, and then also serve the 10% problem. We’re announcing that our features are going to be extending to Kubernetes services with our Distributed Cloud Firewall for Kubernetes.”
Connors spoke with theCUBE principal analyst Rob Strechay and guest host Dustin Kirkland at KubeCon + CloudNativeCon Europe, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how Distributed Cloud Firewall for Kubernetes propels operational efficiency. (* Disclosure below.)
A solution that is meant to run across the board
Auto scaling in virtual machines triggers new IP addresses all the time, and updating them is a tall order. Nevertheless, Distributed Cloud Firewall for Kubernetes tackles this challenge because they are automatically updated and deployed across the board, according to Connors.
“A distributed cloud firewall is pretty cool,” he said. “You get to write your firewall rules, but you don’t ever think about where they’re going to run because they run everywhere. Anywhere there is a gateway moving traffic from one subnet to another will enforce that firewall rule. Auto scaling is precisely what Kubernetes is built to solve. It was really just a very small engineering effort to go that last mile.”
Service mesh is changing the game in the networking field. This is because it tackles all the service communication in applications and, in the process, bridges the identity gap in IP addresses by bringing everything together, Connors pointed out.
“Traditional layer three networks are going to be based on IP address as a form of identity,” he said. “Service mesh really advanced to state of the art by saying, ‘We can make identity irrelevant to IP address.’ You take your app, you move it from Amazon to Microsoft to somewhere else, the identity is actually cryptographic and moves with the application, and you don’t need to worry about location.”
Since platform engineering is materializing as DevOps with guardrails, it has become an important sector in the enterprise world. As a result, companies should come up with solutions that favor platform engineering teams so they are not constrained, according to Connors.
“Platform engineers take on the responsibility of understanding the layer three network, the layer four network, the layer seven,” he explained. “They’ll bring in some SecOps people who understand the security tooling, both from a network perspective and from a software supply chain perspective. They put all that together into one package. I think the market is ripe for a solution that, instead of requiring them to learn their network twice and to build their network twice, allows them to define it once for everywhere that they run, and that’s the bet that Aviatrix is making.”
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE Research’s coverage of KubeCon + CloudNativeCon Europe:
(* Disclosure: TheCUBE is a paid media partner for the KubeCon + CloudNativeCon Europe event. No sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU